General

  • Target

    0886e97618ca2b166c91258a8c487b20952f53ab448e21e2dfe34e33129cdd28

  • Size

    1.1MB

  • Sample

    240518-f1rvxadf27

  • MD5

    f12440bd59075e10ec8a959a17a32b80

  • SHA1

    a1c9a8328cc28ec25f9b1d6a18f9ef5e858723e6

  • SHA256

    0886e97618ca2b166c91258a8c487b20952f53ab448e21e2dfe34e33129cdd28

  • SHA512

    1a936c41ac5e79ff01d769ed3de0e11138049a793695dcafbdf47f85f1805ed2bb1439d33faf10c29734fd832b1ade9f9bbbed2fb18c38edf3fd3ad9aac02361

  • SSDEEP

    24576:S5VBwhindEgW50DedJgWq2a/VYr5zuQJumpxz41tXoF1gUwkZS:QndEIeHgWLUVYr5zh8mpxzzF1Dw4S

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
